dissect.target.plugins.filesystem.unix.suid
¶
Module Contents¶
Classes¶
Base class for plugins. |
Attributes¶
- dissect.target.plugins.filesystem.unix.suid.SuidRecord¶
- class dissect.target.plugins.filesystem.unix.suid.SuidPlugin(target: dissect.target.Target)¶
Bases:
dissect.target.plugin.Plugin
Base class for plugins.
Plugins can optionally be namespaced by specifying the
__namespace__
class attribute. Namespacing results in your plugin needing to be prefixed with this namespace when being called. For example, if your plugin has specifiedtest
as namespace and a function calledexample
, you must call your plugin withtest.example
:A
Plugin
class has the following private class attributes:__namespace__
__record_descriptors__
With the following three being assigned in
register()
:__plugin__
__functions__
__exports__
Additionally, the methods and attributes of
Plugin
receive more private attributes by using decorators.The
export()
decorator adds the following private attributes__exported__
__output__
: Set with theexport()
decorator.__record__
: Set with theexport()
decorator.
The
internal()
decorator andInternalPlugin
set the__internal__
attribute. Finally.args()
decorator sets the__args__
attribute.The
alias()
decorator populates the__aliases__
private attribute ofPlugin
methods.- Parameters:
target – The
Target
object to load the plugin for.
- check_compatible() None ¶
Perform a compatibility check with the target.
This function should return
None
if the plugin is compatible with the current target (self.target
). For example, check if a certain file exists. Otherwise it should raise anUnsupportedPluginError
.- Raises:
UnsupportedPluginError – If the plugin could not be loaded.
- suid_binaries()¶
Return all SUID binaries.
A SUID binary allows all users to run it with the permissions of its owner. This means that a SUID binary owned by the root user can be run with root privileges by any user. Such binaries can be leveraged by an adversary to perform privilege escalation.
References